Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa
File:                     _VgEj51BJ8TTR-7z-x7xdhnLzII.roa (raw, json)
Hash identifier:          fhHj5vS3yAQMZGrfKMiUUKNzj8ilqRRKkUhLptwuzkY=
Subject key identifier:   FD:58:04:8F:9D:41:27:C4:D3:47:EE:F3:FB:1E:F1:76:19:CB:CC:82
Certificate issuer:       /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial:       01971846AE9EB6E09842C4D5F6F8D0F42038
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa
Signing time:             Wed 28 May 2025 19:02:54 +0000
ROA not before:           Wed 28 May 2025 19:02:54 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     212238
IP address blocks:        144.56.20.0/24 maxlen: 24
                          144.56.34.0/24 maxlen: 24
Validation:               Failed, certificate revoked on Wed 04 Jun 2025 09:16:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:18:46:ae:9e:b6:e0:98:42:c4:d5:f6:f8:d0:f4:20:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
        Validity
            Not Before: May 28 19:02:54 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=fd58048f9d4127c4d347eef3fb1ef17619cbcc82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:e8:28:f4:d1:2c:f4:07:89:db:b3:69:64:17:
                    6c:ea:16:b4:5b:36:2e:1d:5f:34:08:2d:74:18:ae:
                    85:21:ef:4f:2d:fd:a8:06:31:73:c7:82:50:af:04:
                    aa:4d:09:41:19:74:ae:a2:2c:ec:05:6a:4f:96:60:
                    83:9f:96:d4:d6:8d:68:f2:95:97:a2:48:fa:84:e9:
                    6c:7f:bd:d3:78:e4:be:4b:95:04:6d:a8:98:cc:82:
                    12:b6:a5:e2:4c:86:d2:ab:9e:3d:bf:00:13:60:e8:
                    12:22:95:1d:f0:6c:60:c5:53:74:89:dc:90:bc:ad:
                    ba:c7:24:44:42:53:6b:7d:c2:0e:d6:bd:3c:00:50:
                    73:d5:e2:23:20:96:7f:78:fb:91:32:cf:7c:a0:14:
                    e3:de:10:51:6f:e7:8e:90:79:53:ff:99:d3:d9:94:
                    03:86:5c:28:96:a5:d7:fc:59:8d:9b:da:88:68:f6:
                    c8:1e:d7:7d:87:cb:e4:fd:f9:95:c4:39:d8:5d:7e:
                    79:53:2c:f0:a0:bb:8c:8e:01:d3:c8:a0:16:2d:20:
                    70:74:e2:bb:d2:34:34:cc:e3:65:2f:c7:93:6f:de:
                    03:42:fe:74:ee:44:35:05:12:62:35:c2:e4:66:8b:
                    fc:77:66:f6:a4:9f:c9:f7:0f:dc:d9:af:23:ba:27:
                    b6:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:58:04:8F:9D:41:27:C4:D3:47:EE:F3:FB:1E:F1:76:19:CB:CC:82
            X509v3 Authority Key Identifier:
                keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/_VgEj51BJ8TTR-7z-x7xdhnLzII.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.56.20.0/24
                  144.56.34.0/24

    Signature Algorithm: sha256WithRSAEncryption
         54:77:4a:ac:3f:38:38:23:6a:b9:1d:c9:29:e8:62:3d:7c:9c:
         c6:46:c2:fa:88:62:5c:dd:ae:23:16:66:ef:44:1b:bd:b9:80:
         ec:42:18:7e:b3:06:54:22:24:d3:8f:fa:4a:58:64:df:c7:78:
         b4:a4:19:a3:0f:fc:e0:95:a7:64:7a:de:dd:c3:31:43:9c:1f:
         b5:cb:2d:19:4e:7a:b5:76:c0:3d:13:83:7e:61:5c:87:98:c8:
         47:c9:27:22:18:9b:e5:ab:53:5b:63:99:16:9c:54:93:69:a6:
         20:43:19:8c:d2:dd:56:7b:49:36:31:67:ce:de:f3:7a:58:5e:
         58:a7:c1:a6:a1:13:06:73:e9:e5:6b:4c:5e:6e:97:39:8b:39:
         0d:f9:90:06:ab:9a:76:99:c2:5b:b9:42:60:27:61:b1:07:0e:
         7a:85:85:04:b1:31:35:31:e9:d3:eb:bd:3a:42:5a:81:b7:71:
         25:07:61:13:fe:0f:dc:e8:c3:2b:e7:40:5f:da:9b:57:d9:4a:
         83:63:68:dc:1d:76:22:fb:03:60:68:be:84:31:00:71:aa:6c:
         da:4a:14:53:ae:42:81:d0:43:79:51:b7:ef:1f:91:da:5c:e1:
         7e:be:6f:d9:6d:0f:ac:5b:d0:a1:cd:bd:20:89:21:fd:8d:e1:
         41:af:3e:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcYRq6etuCYQsTV9vjQ9CA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNTI4MTkwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDU4MDQ4ZjlkNDEyN2M0ZDM0N2VlZjNmYjFlZjE3NjE5Y2JjYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiugo9NEs9AeJ27NpZBds6ha0WzYu
HV80CC10GK6FIe9PLf2oBjFzx4JQrwSqTQlBGXSuoizsBWpPlmCDn5bU1o1o8pWX
okj6hOlsf73TeOS+S5UEbaiYzIIStqXiTIbSq549vwATYOgSIpUd8GxgxVN0idyQ
vK26xyREQlNrfcIO1r08AFBz1eIjIJZ/ePuRMs98oBTj3hBRb+eOkHlT/5nT2ZQD
hlwolqXX/FmNm9qIaPbIHtd9h8vk/fmVxDnYXX55UyzwoLuMjgHTyKAWLSBwdOK7
0jQ0zONlL8eTb94DQv507kQ1BRJiNcLkZov8d2b2pJ/J9w/c2a8juie2NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP1YBI+dQSfE00fu8/se8XYZy8yCMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvX1ZnRWo1MUJKOFRUUi03ei14N3hkaG5MeklJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkDgUAwQA
kDgiMA0GCSqGSIb3DQEBCwUAA4IBAQBUd0qsPzg4I2q5Hckp6GI9fJzGRsL6iGJc
3a4jFmbvRBu9uYDsQhh+swZUIiTTj/pKWGTfx3i0pBmjD/zgladket7dwzFDnB+1
yy0ZTnq1dsA9E4N+YVyHmMhHySciGJvlq1NbY5kWnFSTaaYgQxmM0t1We0k2MWfO
3vN6WF5Yp8GmoRMGc+nla0xebpc5izkN+ZAGq5p2mcJbuUJgJ2GxBw56hYUEsTE1
MenT6706QlqBt3ElB2ET/g/c6MMr50Bf2ptX2UqDY2jcHXYi+wNgaL6EMQBxqmza
ShRTrkKB0EN5UbfvH5HaXOF+vm/ZbQ+sW9Chzb0giSH9jeFBrz7W
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:17:54 2025 by rpki-client